Forum Discussion

Andreia's avatar
Andreia
Icon for Cirrus rankCirrus
Jan 10, 2023

iRule - Authorization Bearer / Basic

Hi everyone! I'm trying to "translate" a postman request to an iRule, however, I need help because I have no idea how to handle this in an iRule. When the request is of type BasicAuth, origin servi...
devops
  • PeteWhite's avatar
    PeteWhite
    Jan 10, 2023

    HTTP_REQUEST is in the request which goes to the backend server, HTTP_RESPONSE is for the response from the server to the client. To correct your iRule:

    when HTTP_REQUEST {
  if { [HTTP::header Authorization] contains "Basic" } {
    log local0.debug "Basic: [HTTP::header Authorization]"
    HTTP::insert X-HUB-BASIC "[HTTP::header Authorization]"
  } elseif { [HTTP::header Authorization] contains "Bearer" } {
    log local0.debug "Bearer: [HTTP::header Authorization]"
    HTTP::insert X-HUB-Bearer "[HTTP::header Authorization]"
  }
}
PeteWhite's avatar
PeteWhite
Icon for Employee rankEmployee
Jan 10, 2023

 is actually pretty simple - the relevant piece is the Authorization header. For Basic auth, it starts with the term Basic, for Bearer it starts with the term Bearer.

So the first thing to do is to is to create the pseudocode:

if Authorization header contains Basic
  insert header X-HUB-BASIC with Authorization header
elseif Authorization header contains Bearer
  insert header X-HUB-JWT with Authorization header
endif

To do a proof of concept to detect the difference, try this iRule:

when HTTP_REQUEST {
  if { [HTTP::header Authorization] contains "Basic" } {
    log local0.debug "Basic: [HTTP::header Authorization]"
  elseif { [HTTP::header Authorization] contains "Bearer" } {
    log local0.debug "Bearer: [HTTP::header Authorization]"
  }
}